Cryptocurrency Mining Group Abuses Oracle WebLogic Server Vulnerabilities
Security researchers have uncovered a cryptocurrency mining operation conducted by the 8220 gang that exploits vulnerabilities in Oracle WebLogic Server. Known as Water Sigbin, the threat actor uses fileless execution techniques to bypass detection mechanisms, allowing the malware code to run solely in memory. The initial access is gained through vulnerabilities such as CVE-2017-3506, CVE-2017-10271, … Read more